System and method for distributing digital works, apparatus and method for reproducing digital works, and computer program product

ABSTRACT

An editing apparatus generates a capsular work in which usage conditions for each of plural usages and usage secret information, obtained by encrypting a decryption key encrypted work data with ticket keys which differ depending on usage from each other, are encapsulated together with the encrypted work data. A ticket server apparatus, which manages the usage conditions and the ticket keys, issues a ticket containing a ticket key in the case of allowing a user to practice the usage requested by the user. A distribution center apparatus, which manages the capsular work, distributes the capsular work in accordance with the user&#39;s request. An audiovisual apparatus acquires the capsular work from the distribution center apparatus and requests the ticket necessary to make use of the capsular work from the ticket server apparatus. The audiovisual apparatus decrypts the encrypted work data contained in the capsular work and reproduces the work data only in the case where the audiovisual apparatus has acquired the ticket.

BACKGROUND OF THE INVENTION

1. Field of the Invention

The present invention relates to a system and method for distributingdigital works, an apparatus and method for reproducing digital works,and computer program products including computer usable mediums in whichcomputer readable programs for the above system, apparatus and methodshave been embodied. More particularly, the present invention relates tothe control of use of digital works, the control of use of secondaryworks, and the levy of charges for the use of digital works.

2. Description of the Related Art

In a digital work distribution system, encrypted software and multimediacontents are supplied to users, and the users pay prices conforming tothe usage rules presented by sellers, through utilization of creditcards, banks, electronic money, etc. An example of a conventionaldigital work distribution system is described in Unexamined JapanesePatent Application KOKAI Publication No. H9-138827.

The digital work distribution system described in the above publicationincludes a distribution center apparatus and a user apparatus. Havingmade an appropriate usage contract with a user in regard to a work whichthe user has requested through the user apparatus, the distributioncenter apparatus encrypts work data representing the work by using apublic key of the user, and transmits the encrypted work data to theuser apparatus.

The work data sent to the user apparatus has usage conditions affixedthereto. Based on those usage conditions, the use of the work isrestricted to a usage such as “reference only”, “editable” or the like.Original data, secondary work data, etc. are encapsulated together toprovide a secondary work, which is distributed through the distributioncenter apparatus as in the case of the original data.

Another work distribution system is also generally well known, in whicha work is encrypted and a decipher key of the work is distributed onlyin the case where a predetermined amount of money has been paid.

Meanwhile, a Kerberos system is also well known, which verifies using acommon cipher that authentication information I is information generatedby a prover P.

According to this system:

-   (1) a key distribution center passes, to the prover P, a key “Kc, s”    and a ticket in which data, containing the authentication    information I and a session key “Kp, v”, has been encrypted with a    key of the prover P;-   (2) the prover P passes the ticket to a verifier V;-   (3) the prover P also passes to the verifier V an authenticator in    which the authentication information I has been encrypted with the    key “Kc, s”;-   (4) the verifier V decrypts the authentication information I and the    key “Kp, V” contained in the ticket by using a key Kv, and further    decrypts the authentication information I contained in the    authenticator by using the key “Kc, s”, and then certifies that the    authentication information I contained in the ticket and that    contained in the authenticator are identical with each other.

Let it be considered the case wherein the above-described Kerberossystem is applied to a digital work distribution system, and theauthentication information is replaced by a work, while the session keysare replaced by keys according to usage of the work. In this case, theuse of the work can be controlled by distributing the work in anencrypted state and distributing the ticket (not containing the work) atthe time of use of the work.

According to another digital work distribution system in which the useof the work is strictly limited, an inhibited usage list that specifiesimpossible usages is affixed to the work, and the list is interpreted todetermine whether a variety of usages can be practiced or not. Anexample of this kind of digital work distribution system is described inUnexamined Japanese Patent Application KOKAI Publication No. H9-269916.

The digital work distribution system described in the above publicationincludes an editing apparatus, a distribution server apparatus and anaudiovisual apparatus. The editing apparatus edits a work, generates aninhibited usage list, and encapsulates them in a capsular work. Thedistribution server apparatus distributes the capsular work to theaudiovisual apparatus. The audiovisual apparatus opens the capsularwork. Based on the inhibited usage list, such hooks as would prevent theinterprocess communications of messages are applied in correspondencewith a variety of usages to an operating system for the audiovisualapparatus. By so doing, the usages specified in the list are inhibited.

According to another digital work distribution system which enables thecopyright of the secondary work to be protected, the author of asecondary work generates a secondary cipher key different from a cipherkey used to encrypt the primary work. The secondary work is encryptedwith the secondary cipher key and is then distributed. In this case, inorder to grasp the authoring of such secondary works, a copyrightmanagement center manages their secondary cipher keys. An example ofthis kind of digital work distribution system is described in UnexaminedJapanese Patent Application KOKAI Publication No. H8-272745.

According to the digital work distribution system described in the abovepublication, a primary work is encrypted with a primary cipher key. Inthe case of creating and distributing the secondary work which utilizesthe primary work, the secondary cipher key is generated and thesecondary work is distributed after encrypted with the secondary cipherkey. The secondary work is one in which the original data representingthe primary work and procedures for creating the secondary work havebeen encapsulated. The primary cipher key is used to decrypt theencrypted original data representing the primary work, while thesecondary cipher key is used to decrypt the entirety of the encryptedsecondary work.

There has been proposed a method for making a charge for use of a workon the basis of the monitored frequency of use. An example of a workusage control system employing this method is described in UnexaminedJapanese Patent Application KOKAI Publication No. H8-95777.

In the work usage control system described in the above publication, thefrequency of use, i.e., the number of times a work has been used, iscounted each time a predetermined use of the work is made. The work hasthe charging information affixed thereto. The charging information hasundertaken such a setting as would allow the work to be used apredetermined number of times without charge.

The conventional systems described above have the following drawbacks:

The first drawback is that an author's request and a seller's request asto the control of a distributed work are not satisfactorily reflected.This is because only a fixed usage of capsular work data received by auser is controllable. In the case where the author and the seller wishto control different usages of the work data, they have to make a numberof usage conditions and perform encapsulation with respect to each ofthose usage conditions. However, this cannot be said to be enough toreflect the intentions of the author and seller.

The second drawback is that it is risky to encapsulate the usageconditions and the work together. The reason for this is that althoughthe usage conditions and the work data are stored in a nonvolatilememory, any illicit change can be made to the usage conditions stored inthe nonvolatile memory.

The third drawback is that the efficiency of use of the secondary workis low. The reason for this is that according to a method as thatdescribed in Unexamined Japanese Patent Application KOKAI PublicationNo. H8-272725 mentioned previously, the encrypted original work has tobe decrypted first and thereafter data added as the secondary work hasto be decrypted in the case of using the secondary work. Normally, awork such as an image or a moving picture is excessively large in size.Therefore, if decryption is executed a number of times as in the case ofthe above method, this will considerably lower the throughput of areproducing process.

The fourth drawback is that retaining the variety of distributed worksis difficult. This is because if a method for making a charge ispredetermined according to system or if a charge is made based only on afixed unit, e.g. the frequency of use, this will entail the difficultyof dealing with a variety of works, such as works (of a pay-per-viewtype) like movies and works (of such a type as can be used over and overwithout charge once purchased) like books.

SUMMARY OF THE INVENTION

It is accordingly an object of the present invention to reflect theintentions of authors and sellers as regards the control of use ofdistributed digital works.

It is another object of the present invention to ensure improvedsecurity to digital works.

It is a further object of the present invention to suppress the loweringof throughput due to encrypted work data being decrypted at the time ofreproducing secondary works.

It is a still further object of the present invention to enhance theflexibility of the processing of making charges for digital works.

According to the first aspect of the present invention, there isprovided a digital work distribution system for distributing digitalworks, comprising:

-   -   usage condition setting means for setting conditions for plural        usages of work data to be distributed;    -   work encrypting means for encrypting the work data with a        predetermined encryption key;    -   ticket key generating means for generating different ticket        encryption keys and their corresponding ticket decryption keys,        each of the ticket encryption keys and its corresponding one of        the ticket decryption keys being associated with conditions for        one usage among the conditions for the plural usages which have        been set by the usage condition setting means;    -   decryption key encrypting means for encrypting a predetermined        decryption key corresponding to the predetermined encryption        key, by using each of the ticket encryption keys generated each        in association with the conditions for one of the plural usages        by the ticket key generating means;    -   encapsulating means for encapsulating the work data and the        predetermined decryption key which the decryption key encrypting        means has encrypted using each of the ticket encryption keys        generated each in association with the conditions for one of the        plural usages, and for generating a capsular work which contains        the work data and the predetermined decryption key;    -   usage condition storing means for storing, in association with        each other, the conditions for the plural usages which have been        set by the usage condition setting means and the ticket        decryption keys corresponding to the ticket encryption keys        generated each in association with the conditions for one of the        plural usages and used to encrypt the predetermined decryption        key;    -   ticket decryption key encrypting means for encrypting, in reply        to an external request for use of the work data, a ticket        decryption key which is associated with the conditions for one        usage corresponding to the request among the ticket decryption        keys stored in the usage condition storing means; and    -   ticket distribution means for distributing the ticket decryption        key encrypted by the ticket decryption key encrypting means to a        requester who has made the request for use of the work data.

In the above-described digital work distribution system, the distributedcapsular work does not contain the decryption key of its work data.Therefore, the work data can be distributed freely with security beingmaintained. In the case of allowing a user to make use of the work data,the ticket distributing means needs only distribute a ticket encryptionkey to him/her. This enhances the work distribution area and promotesthe use of the work data.

Furthermore, the usage condition setting means sets usage conditions forusages of the work data, and the ticket key generating means generatesticket keys (encryption keys and decryption keys) which differ dependingon the usage conditions. This enables the work data to be used on theusage conditions set in accordance with the intentions of an author anda seller.

According to the second aspect of the present invention, there isprovided a digital work distribution system for distributing digitalworks, comprising first and second computers which are connected to eachother via a network and each of which has a memory and a centralprocessing unit, wherein the first computer executes a program toperform:

-   -   setting conditions for plural usages of work data to be        distributed;    -   encrypting the work data with a predetermined encryption key;    -   generating different ticket encryption keys and their        corresponding ticket decryption keys, each of the ticket        encryption keys and its corresponding one of the ticket        decryption keys being associated with conditions for one usage        among the set conditions for the plural usages;    -   encrypting a predetermined decryption key corresponding to the        predetermined encryption key, by using each of the ticket        encryption keys generated each in association with the        conditions for one of the plural usages; and    -   encapsulating the work data and the predetermined decryption key        encrypted using each of the ticket encryption keys generated        each in association with the conditions for one of the plural        usages, and generating a capsular work which contains the work        data and the predetermined decryption key; and    -   the second computer executes a program to perform:        -   storing, in association with each other, the conditions for            the plural usages which have been set by the first computer            and the ticket decryption keys corresponding to the ticket            encryption keys generated each in association with the            conditions for one of the plural usages and used to encrypt            the predetermined decryption key;        -   encrypting, in reply to an external request for use of the            work data, a ticket decryption key which is associated with            the conditions for one usage corresponding to the request            among the stored ticket decryption keys; and        -   distributing the encrypted ticket decryption key to a            requester who has made the request for use of the work data.

The above-described digital work distribution system may furthercomprise a third computer which is connected to the network and whichhas a memory and a processor, and the third computer can perform:

-   -   storing the capsular work generated by the first computer; and        distributing the stored capsular work.

In the digital work distribution system, the predetermined encryptionkey and the predetermined decryption key corresponding thereto may be anidentical key adopting a common cryptographic system.

A common cryptographic key which is a random number may be used forencryption and decryption of the capsular work.

Furthermore, in the above-described digital work distribution system,each of the ticket encryption keys and its corresponding one of theticket decryption keys may be an identical key adopting a commoncryptographic system.

Moreover, the first computer and the second computer may be the samecomputer.

The first computer may further perform:

-   -   generating secondary work data to be distributed, based on the        work data contained in the capsular work;    -   setting conditions for plural usages of the secondary work data        to be distributed;    -   encrypting the secondary work data with a predetermined        encryption key;    -   generating different original ticket keys each in association        with the conditions for one of the plural usages of the        secondary work data;    -   encrypting a predetermined decryption key corresponding to the        predetermined encryption key of the secondary work data, by        using each of the original ticket keys generated each in        association with the conditions for one of the plural usages of        the secondary work data;    -   encapsulating the secondary work data and the predetermined        decryption key encrypted using each of the original ticket keys        generated each in association with the conditions for one of the        plural usages of the secondary work data, and generating a        capsular work which contains the secondary work data and the        predetermined decryption key; and    -   generating other ticket decryption keys, based on the original        ticket keys and the ticket decryption keys of the work data on        which the secondary work data bases; and    -   the second computer may further perform:        -   storing the conditions for the plural usages of the            secondary work and the aforementioned other ticket            decryption keys in association with each other and            transmitting, in reply to an external request for use of the            secondary work data, one of the aforementioned other ticket            decryption keys which is associated with the conditions for            one usage corresponding to the request, to a requester who            has made the request for use of the secondary work.

In this case, the secondary work data can be distributed in the samemanner as the primary work data. This promotes the work authoringactivities. In order to make use of the secondary work, any originalticket key is required. In order to acquire any original ticket key, aticket decryption key of the original work data and a corresponding oneof the aforementioned other ticket decryption keys are necessary. Thus,the copyright owned by the primary author is protected satisfactorily.

The first computer may otherwise further perform:

-   -   generating charging modules to effect processing of making a        charge for the work data to be distributed, each of the charging        modules being associated with the conditions for one of the        plural usages;    -   further encapsulating, in the capsular work, the charging        modules generated each in association with the conditions for        one of the plural usages; and    -   the second computer may otherwise further perform:        -   storing pieces of charging module identification for            identifying the charging modules, in association with the            conditions for the plural usages.

In this case, the charging processing is executed by the chargingmodules. The charging modules can be generated each for the conditionsof one of the plural usages, and therefore an appropriate chargingmethod can be flexibly selected depending on the intentions of an authorand a seller as to the distribution or depending on the characters of awork.

The above-described digital work distribution system may furthercomprise a third computer which is connected to the network and whichhas a memory and a processor, and the third computer may perform:

-   -   acquiring the capsular work generated by the first computer;    -   acquiring a ticket decryption key corresponding to a ticket        encryption key associated with the conditions for a desired one        of the plural usages and contained in the acquired capsular        work;    -   decrypting, with the acquired ticket decryption key, the        encrypted decryption key contained in the capsular work;    -   decrypting the work data contained in the capsular work by using        the decrypted decryption key; and reproducing the decrypted work        data.

In the case where the digital work distribution system is structured asabove, the first computer may further perform:

-   -   generating charging modules to effect processing of making a        charge for the work data to be distributed, each of the charging        modules being associated with the conditions for one of the        plural usages; and    -   further encapsulating, in the capsular work, the charging        modules generated each in association with the conditions for        one of the plural usages; and    -   the second computer may further perform:        -   storing pieces of charging module identification information            for identifying the charging modules, in association with            the conditions for the plural usages, and distributing, to            the requester who has made the request for use of the work            data, a piece of charging module identification information            associated with the conditions for one usage corresponding            to the request among the stored pieces of charging module            identification; and    -   the third computer may further perform:        -   extracting the charging modules contained in the acquired            capsular work and storing the extracted charging modules;            and        -   executing the processing of making a charge for the work            data by employing one of the stored charging modules in            accordance with the piece of charging module identification            information transmitted in reply to the request for use of            the work data.

According to the third aspect of the present invention, there isprovided a digital work reproduction apparatus for reproducing digitalworks, comprising an input section, an output section, a memory whichstores a predetermined program, and a central processing unit, whereinthe central processing unit executes the predetermined program, storedin the memory, for performing:

-   -   acquiring a capsular work in which work data encrypted with a        predetermined encryption key, and a predetermined decryption key        encrypted with each of different ticket encryption keys        associated each with conditions for one of plural usages of the        work data, are encapsulated;    -   acquiring a ticket decryption key corresponding to a ticket        encryption key associated with the conditions for a desired one        of the plural usages and contained in the acquired capsular        work;    -   decrypting, with the acquired ticket decryption key, the        encrypted predetermined decryption key contained in the capsular        work;    -   decrypting, with the decrypted predetermined decryption key, the        work data contained in the capsular work; and    -   reproducing the decrypted work data.

In the above-described digital work reproduction apparatus, chargingmodules to effect processing of making a charge for the work data may befurther encapsulated in the capsular work, and the central processingunit may perform:

-   -   acquiring a piece of charging module identification information        which is associated with the conditions for the desired one of        the plural usages, among pieces of charging module        identification information for identifying the charging modules;    -   extracting the charging modules contained in the acquired        capsular work and storing the extracted charging modules; and    -   executing the processing of making a charge for the work data by        employing one of the stored charging modules in accordance with        the acquired piece of charging module identification        information.

According to the fourth aspect of the present invention, there isprovided a digital work distribution method for distributing digitalworks, comprising:

-   -   setting conditions for plural usages of work data to be        distributed;    -   encrypting the work data with a predetermined encryption key;    -   generating different ticket encryption keys and their        corresponding ticket decryption keys, each of the ticket        encryption keys and its corresponding one of the ticket        decryption keys being associated with the set conditions for one        of the plural usages;    -   encrypting a predetermined decryption key corresponding to the        predetermined encryption key, by using each of the ticket        encryption keys generated each in association with the        conditions for one of the plural usages;    -   encapsulating the work data and the predetermined decryption key        encrypted using each of the ticket encryption keys associated        each with the conditions for one of the plural usages, and        generating a capsular work which contains the work data and the        predetermined decryption key;    -   storing, in association with each other, the set conditions for        the plural usages and the ticket decryption keys corresponding        to the ticket encryption keys generated each in association with        the conditions for one of the plural usages and used to encrypt        the predetermined decryption key;    -   encrypting, in reply to an external request for use of the work        data, a ticket decryption key which is associated with the        conditions for one usage corresponding to the request among the        stored ticket decryption keys; and    -   distributing the encrypted ticket decryption key to a requester        who has made the request for use of the work data.

The above-described digital work distribution method may furthercomprise:

-   -   generating secondary work data to be distributed, based on the        work data contained in the capsular work;    -   setting conditions for plural usages of the secondary work data        to be distributed;    -   encrypting the secondary work data with a predetermined        encryption key;    -   generating different original ticket keys each in association        with the conditions for one of the plural usages of the        secondary work data;    -   encrypting a predetermined decryption key corresponding to the        predetermined encryption key of the secondary work data, by        using each of the original ticket keys generated each in        association with the conditions for one of the plural usages of        the secondary work data;    -   encapsulating the secondary work data and the predetermined        decryption key encrypted using each of the original ticket keys        generated each in association with the conditions for one of the        plural usages, and generating a capsular work which contains the        secondary work data and the predetermined decryption key;    -   generating other ticket decryption keys, based on the original        ticket keys and the ticket decryption keys of the work data on        which the secondary work data bases; and    -   storing the conditions for the plural usages of the secondary        work and the aforementioned other ticket decryption keys in        association with each other and transmitting, in reply to an        external request for use of the secondary work data, one of the        aforementioned other ticket decryption keys which is associated        with the conditions for one usage corresponding to the request,        to a requester who has made the request for use of the secondary        work.

The above-described digital work distribution method may otherwisefurther comprise:

-   -   generating charging modules to effect processing of making a        charge for the work data to be distributed, each of the charging        modules being associated with the conditions for one of the        plural usages;    -   further encapsulating, in the capsular work, the charging        modules generated each in association with the conditions for        one of the plural usages; and    -   storing pieces of charging module identification information for        identifying the charging modules, in association with the        conditions for the plural usages.

According to the fifth embodiment of the present invention, there isprovided a digital work reproduction method for reproducing digitalworks, comprising:

-   -   acquiring a capsular work in which work data encrypted with a        predetermined encryption key, and a predetermined decryption key        corresponding to the predetermined encryption key and encrypted        with each of different ticket encryption keys associated each        with conditions for one of plural usages of the work data, are        encapsulated;    -   acquiring a ticket decryption key corresponding to a ticket        encryption key associated with the conditions for a desired one        of the plural usages and contained in the acquired capsular        work;    -   decrypting, with the acquired ticket decryption key, the        encrypted predetermined decryption key contained in the capsular        work;    -   decrypting, with the decrypted predetermined decryption key, the        work data contained in the capsular work; and    -   reproducing the decrypted work data.

According to the sixth aspect of the present invention, there isprovided a computer program product, including a computer usable mediumhaving a computer readable program embodied therein for executing:

-   -   setting conditions for plural usages of work data to be        distributed;    -   encrypting the work data with a predetermined encryption key;    -   generating different ticket encryption keys and their        corresponding ticket decryption keys, each of the ticket        encryption keys and its corresponding one of the ticket        decryption keys being associated with the set conditions for one        of the plural usages;    -   encrypting a predetermined decryption key corresponding to the        predetermined encryption key, by using each of the ticket        encryption keys generated each in association with the        conditions for one of the plural usages; and    -   encapsulating the work data and the predetermined decryption key        encrypted using each of the ticket encryption keys generated        each in association with the conditions for one of the plural        usages, and generating a capsular work which contains the work        data and the predetermined decryption key.

In the above-described computer program product, the program may furtherexecute:

-   -   generating secondary work data to be distributed, based on the        work data contained in the capsular work;    -   setting conditions for plural usages of the secondary work data        to be distributed;    -   encrypting the secondary work data with a predetermined        encryption key;    -   generating different original ticket keys each in association        with the conditions for one of the plural usages of the        secondary work data;    -   encrypting a predetermined decryption key corresponding to the        predetermined encryption key of the secondary work data, by        using each of the original ticket keys generated each in        association with the conditions for one of the plural usages of        the secondary work data;    -   encapsulating the secondary work data and the predetermined        decryption key encrypted using each of the original ticket keys        generated each in association with the conditions for one of the        plural usages of the secondary work data, and generating a        capsular work which contains the secondary work data and the        predetermined decryption key; and    -   generating other ticket decryption keys, based on the original        ticket keys and the ticket decryption keys of the work data on        which the secondary work data bases.

In the above-described computer program product, the program mayotherwise further execute:

-   -   generating charging modules to effect processing of making a        charge for the work data to be distributed, each of the charging        modules being associated with the conditions for one of the        plural usages; and    -   further encapsulating, in the capsular work, the charging        modules generated each in association with the conditions for        one of the plural usages.

According to the seventh aspect of the present invention, there isprovided a computer program product, including a computer usable mediumhaving a computer readable program embodied therein for executing:

-   -   storing, in association with each other, conditions for plural        usages of work data and ticket decryption keys which correspond        to ticket encryption keys associated each with conditions for        one of the plural usages and used to encrypt a decryption key of        the work data encrypted;    -   encrypting, in reply to an external request for use of the work        data, a ticket decryption key which is associated with the        conditions for one usage corresponding to the request among the        stored ticket decryption keys; and    -   distributing the encrypted ticket decryption key to a requester        who has made the request for use of the work data.

According to the eighth aspect of the present invention, there isprovided a computer program product, including a computer usable mediumhaving a computer readable program embodied therein for executing:

-   -   acquiring a capsular work in which work data encrypted with a        predetermined encryption key, and a predetermined decryption key        corresponding to the predetermined encryption key and encrypted        using each of different ticket encryption keys associated with        conditions for plural usages of the work data, are encapsulated;    -   acquiring a ticket decryption key corresponding to a ticket        encryption key which is associated with the conditions for a        desired one of the plural usages and which is contained in the        acquired capsular work;    -   decrypting, with the acquired ticket decryption key, the        predetermined decryption key encrypted using the ticket        encryption keys and contained in the capsular work;    -   decrypting the work data contained in the capsular work by using        the decrypted predetermined decryption key; and    -   reproducing the decrypted work data.

According to the ninth aspect of the present invention, there isprovided a program signal embedded in a carrier wave and representing aprogram comprising:

-   -   a usage condition setting segment which sets conditions for        plural usages of work data to be distributed;    -   a work encrypting segment which encrypts the work data with a        predetermined encryption key;    -   a ticket key generating segment which generates different ticket        encryption keys and their corresponding ticket decryption keys,        each of the ticket encryption keys and its corresponding one of        the ticket decryption keys being associated with conditions for        one usage among the conditions for the plural usages which have        been set by the usage condition setting segment;    -   a decryption key encrypting segment which encrypts a        predetermined decryption key corresponding to the predetermined        encryption key, by using each of the ticket encryption keys        generated each in association with the conditions for one of the        plural usages; and    -   an encapsulating segment which encapsulates the work data and        the predetermined decryption key encrypted using each of the        ticket encryption keys generated each in association with the        conditions for one of the plural usages, and which generates a        capsular work containing the work data and the predetermined        decryption key.

In the above-described program signal, the program may further comprise:

-   -   a secondary work data generating segment which generates        secondary work data to be distributed, based on the work data        contained in the capsular work generated by the encapsulating        segment;    -   a usage condition setting segment which sets conditions for        plural usages of the secondary work data to be distributed;    -   a secondary work encrypting segment which encrypts the secondary        work data with a predetermined encryption key;    -   an original ticket key generating segment which generates        different original ticket keys each in association with the        conditions for one of the plural usages of the secondary work        data;    -   a decryption key encrypting segment which encrypts a        predetermined decryption key corresponding to the predetermined        encryption key, by using each of the original ticket keys        generated each in association with the conditions for one of the        plural usages of the secondary work data;    -   an encapsulating segment which encapsulates the secondary work        data and the predetermined decryption key encrypted using each        of the original ticket keys generated each in association with        the conditions for one of the plural usages of the secondary        work data, and which generates a capsular work containing the        secondary work data and the predetermined decryption key; and    -   a ticket decryption key generating segment which generates other        ticket decryption keys, based on the original ticket keys and        the ticket decryption keys of the work data on which the        secondary work data bases.

In the above-described program signal, the program may otherwise furthercomprise:

-   -   a charging module generating segment which generates charging        modules to effect processing of making a charge for the work        data to be distributed, each of the charging modules being        associated with the conditions for one of the plural usages; and    -   an encapsulating segment which further encapsulates, in the        capsular work, the charging modules generated each in        association with the conditions for one of the plural usages by        the charging module generating segment.

According to the tenth aspect of the present invention, there isprovided a program signal embedded in a carrier wave and representing aprogram which comprises:

-   -   a usage condition storing segment which stores, in association        with each other, conditions for plural usages of work data and        ticket decryption keys which correspond to ticket encryption        keys associated each with conditions for one of the plural        usages and used to encrypt a decryption key of the work data        encrypted;    -   a ticket decryption key encrypting segment which encrypts, in        reply to an external request for use of the work data, a ticket        decryption key which is associated with the conditions for one        usage corresponding to the request among the stored ticket        decryption keys; and    -   a ticket distribution segment which distributes the encrypted        ticket decryption key to a requester who has made the request.

According to the eleventh aspect of the present invention, there isprovided a program signal which represents a program comprising:

-   -   a capsular work acquiring segment which acquires a capsular work        in which work data encrypted with a predetermined encryption        key, and a predetermined decryption key encrypted with each of        different ticket encryption keys associated with conditions for        plural usages of the work data, are encapsulated;    -   a ticket decryption key acquiring segment which acquires a        ticket decryption key corresponding to a ticket encryption key        associated with the conditions for a desired one of the plural        usages and contained in the acquired capsular work;    -   a decryption key decrypting segment which decrypts, with the        acquired ticket decryption key, the predetermined decryption key        encrypted using the ticket encryption keys and contained in the        capsular work; and    -   a work data decrypting segment which decrypts the work data        contained in the capsular work by using the decrypted        predetermined decryption key.

BRIEF DESCRIPTION OF THE DRAWINGS

These objects and other objects and advantages of the present inventionwill become more apparent upon reading of the following detaileddescription and the accompanying drawings in which:

FIG. 1 is a block diagram showing the structure of a work distributionsystem according to the first embodiment of the present invention;

FIG. 2 is a diagram showing the hardware structure of the workdistribution system according to the first embodiment of the presentinvention;

FIG. 3 is a flowchart which schematically shows operations performed inthe first embodiment of the present invention;

FIG. 4 is a flowchart showing the operations of an editing apparatusaccording to the first embodiment of the present invention;

FIG. 5 is a flowchart showing communications between a distributioncenter apparatus and an audiovisual apparatus according to the firstembodiment of the present invention;

FIG. 6 is a flowchart showing communications between a ticket serverapparatus and the audiovisual apparatus according to the firstembodiment of the present on;

FIG. 7 is a diagram exemplifying a usage condition setting dialog;

FIG. 8 is a diagram exemplifying the operation of setting usageconditions;

FIG. 9 is a diagram showing the operation of generating usage secretinformation;

FIG. 10 is a diagram exemplifying a usage secret information table;

FIG. 11 is a diagram exemplifying the structure of a capsular workaccording to the first embodiment of the present invention;

FIGS. 12(a) and (b) are diagrams showing the structure of a usagecondition description and an/example of the usage condition descriptionwhen written an access language;

FIGS. 13(a) and 13(b) are diagrams showing a hierarchical structure inthe case where a work contains a plurality of objects and exemplifyingits usage condition description written in the access control language;

FIG. 14 is a diagram exemplifying a work index screen which is displayedon the audiovisual apparatus at the time of access to the distributioncenter apparatus;

FIG. 15 is a diagram exemplifying the structure of a ticket according tothe first embodiment of the present invention;

FIG. 16 is a block diagram illustrating the structure of a workdistribution system according to the second embodiment of the presentinvention;

FIG. 17 is a flowchart which schematically shows operations performed inthe second embodiment of the present invention;

FIG. 18 is a flowchart showing the operations of a first audiovisualapparatus and of an editing apparatus according to the second embodimentof the present

FIG. 19 is a flowchart showing communications between a ticket serverapparatus and a second audiovisual apparatus according to the firstembodiment of the resent invention;

FIG. 20 is a diagram showing the generation of a second ticket keyemploying a divisional function;

FIG. 21 is a diagram exemplifying the structure of a capsular workaccording to the second embodiment of the present invention;

FIG. 22 is a block diagram showing the structure of a work distributionsystem according to the third embodiment of the present invention;

FIG. 23 is a flowchart which schematically shows operations performed inthe third embodiment of the present invention;

FIG. 24 is a flowchart showing the operations of an editing apparatusaccording to the third embodiment of the present invention;

FIG. 25 is a flowchart showing communications between a distributioncenter apparatus and an audiovisual apparatus according to the thirdembodiment of the present invention;

FIG. 26 is a diagram exemplifying the structure of a capsular workaccording to third embodiment of the present invention;

FIG. 27 is a diagram exemplifying the structure of a ticket according tothe third embodiment of the present invention;

FIG. 28 is a diagram illustrating an example of an execution queue;

FIG. 29 is a diagram showing a variety of methods carried out by aplurality of charging modules and an example of the function of eachmethod; and

FIGS. 30(a) and 30(b) are diagrams illustrating the structures of thecharging modules and their specific examples.

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENT

Embodiments of the present invention will now be described withreference to the drawings.

First Embodiment

Referring to FIG. 1, a work distribution system according to the firstembodiment of the present invention includes an editing apparatus 1which edits, encapsulates and encrypts work data and usage conditionsfor usages of the work data, a ticket server apparatus 2 which managestickets, a distribution center apparatus 3 which distributes encryptedworks, and an audiovisual apparatus 4 where a work is utilized by auser. The editing apparatus 1 is owned by an author, while the ticketserver 2 and the distribution center apparatus 3 are owned by either theauthor or a sales agent. The audiovisual apparatus 4 is owned by theuser.

The editing apparatus 1 has a user input section 11 which includes akeyboard, a mouse, etc., a user output section 12 such as a monitor, ausage condition setting section 13, an editing processing section 14, anencapsulating processing section 15 and a registration interface section16.

The usage condition setting section 13 creates the usage conditions ofthe work data produced by the editing processing section 14, whilecarrying on a dialog with the author through the user input section 11and the user output section 12.

The editing processing section 14 creates the work data in accordancewith an input from the user input section 11, and displays the createdwork data on the user output section 12. The encapsulating processingsection 15 has an encrypting subsection 151, a ticket key generatingsubsection 152 and a random number generating subsection 153. Using eachof ticket keys acquired from the ticket key generating subsection 152,the encrypting subsection 151 of the encapsulating processing section 15encrypts random number R acquired from the random number generatingsubsection 153, and creates a usage secret information table based onthe encryption results. Furthermore, in the encapsulating processingsection 15, the encrypting subsection 151 encrypts random number R andthe work data produced by the editing processing section 14, andgenerates capsular work data into which the result of encrypting randomnumber R and the work data, and the usage secret information table havebeen combined.

The registration interface section 16 performs communications requiredfor registering the usage conditions and a ticket key in the ticketserver apparatus 2. Moreover, the registration interface section 16performs communications necessary for storing a capsular work in thedistribution center apparatus 3.

The ticket server apparatus 2 has a registration interface section 21, ausage condition storing section 22, a usage condition discriminatingsection 23, a ticket generating section 24, a ticket encrypting section25 and a distribution interface section 26.

The registration interface section 21 performs communications for theregistration of the usage conditions and ticket key created by theediting apparatus 1.

The usage condition storing section 22 stores the usage conditions andticket key acquired from the registration interface section 21.

The usage condition discriminating section 23 discriminates whether theusage which the audiovisual apparatus 4 has requested through thedistribution interface section 26 matches the usage conditions.

The ticket generating section 24 generates a ticket based on the usageconditions and ticket key stored in the usage condition storing section22.

The ticket encrypting section 25 takes out an appropriate ticket fromthe usage condition storing section 22 and encrypts the ticket dependingon who is the user thereof, in the case where the usage conditiondiscriminating section 23 determines that the usage requested by theaudiovisual apparatus 4 matches the usage conditions.

The distribution interface section 26 performs communications forreceiving the request from the audiovisual apparatus 4 andcommunications for transmitting the encrypted ticket generated by theticket encrypting section 25 to the audiovisual apparatus 4.

The distribution center apparatus 3 has a registration interface section31, a capsular work storing section 32 and a distribution interfacesection 33.

The registration interface section 31 performs communications forreceiving a capsular work generated by the editing apparatus 1.

The capsular work storing section 32 stores the capsular work receivedby the registration interface section 31.

The distribution interface section 33 performs communications fortransmitting a list of works stored in the capsular work storing section32 to the audiovisual apparatus 4 and communications for transmitting,to the audiovisual apparatus 4, a capsular work which meets the requestsent from the audiovisual apparatus 4.

The audiovisual apparatus 4 has a user input section 41 which includes akeyboard, a mouse, etc., a user output section 42 such as a monitor, areproducing processing section 43, a ticket interface section 44, aticket storing section 45, a capsular work interface section 46, acapsular work storing section 47 and a decapsulating section 48.

The reproducing processing section 43 reproduces the work data acquiredfrom the decapsulating section 48. The input and output of the work dataare performed through the user input section 41 and the user outputsection 42, respectively.

The ticket interface section 44 performs communications for receiving aticket from the ticket server apparatus 2, in accordance with thecapsular work and its usage which have been requested by the user.

The ticket storing section 45 stores the ticket acquired from the ticketinterface section 44.

The capsular work interface section 46 performs communications forreceiving the list of works from the distribution center apparatus 3 andcommunications for receiving a work, selected by the user on the basisof the list, from the distribution center apparatus 3.

The capsular work storing section 47 stores the capsular work acquiredfrom the capsular work interface section 43.

The decapsulating section 48, which has a decrypting subsection 481,acquires the capsular work requested by the user from the capsular workstoring section 47, acquires the ticket for the capsular work from theticket storing section 45, and decrypts the capsular work containing thework data through the decrypting subsection 481 by using the acquiredticket.

In the work distribution system illustrated in FIG. 1, the editingapparatus 1 and the ticket server apparatus 2 are connected to eachother via a network such as the Internet, as well as the editingapparatus 1 and the distribution center 3, the ticket server apparatus 2and the audiovisual apparatus 4, and the distribution center apparatus 3and the audiovisual apparatus 4.

FIG. 2 illustrates the hardware structure of the work distributionsystem shown in FIG. 1. With the illustrated structure, theabove-described functions of the respective apparatuses are realized.

The operations performed in the first embodiment will now be described.

Firstly the entire operation flow in the first embodiment will beexplained with reference to FIG. 3.

The author edits the work data with the editing apparatus 1, registersthe edited work data in the distribution center apparatus 3, sets theusage conditions through the editing apparatus 1, and registers theusage conditions in the ticket server apparatus 2 (step A).

Next the user acquires the desired work from the distribution centerapparatus 3, and stores it in the audiovisual apparatus 4 (step B).Furthermore, the user sends a request for use of the work to the ticketserver apparatus 2, acquires a ticket for the work therefrom and storesthe ticket in the audiovisual apparatus 4 (step C). Then, the user makesuse of the work through the audiovisual apparatus 4 (step D).

The process carried out by step A shown in FIG. 3 will be described inmore detail with reference to FIG. 4.

The author creates the work data by using the editing apparatus 1. Theediting processing section 14 has a function similar to that of commonmultimedia authoring software, and is capable of creating works in adialogic manner (step A1).

Then, the author sets the usage conditions to the work to bedistributed. This operation is controlled by the usage condition settingsection 13, and a dialog such as that illustrated in FIG. 7 is displayedon the user output section 12. Operating the user input section 11, theauthor sets the usage conditions for each usage in accordance with theprocedures shown in FIG. 8 (step A2).

Next, the author creates the capsular work based on the work data andthe usage conditions.

Firstly, the encrypting section 151 encrypts the work data in accordancewith random number R acquired from the random number generating section153 (step A3). If a common key cryptographic system is employed in thiscase, the time required for the encryption and decryption procedures canbe reduced.

Acquiring random numbers Ru from the random number generating section153, the ticket key generating section 152 encrypts the decryption key Rof the work data by using random numbers Ru one after another as a key,thus obtaining usage secret information E [Ru] (R) in association witheach of the usages for which the usage conditions have been set (stepA4). FIG. 9 schematically illustrates those procedures.

Here, formula E [K] (D) represents the result of encrypting data D withkey K. A similar representation will be hereinafter adopted.

Next, a table which contains combinations each being made up of one ofthe plural usages and the corresponding usage secret information iscreated as shown in FIG. 10. This table will be hereinafter referred toas the usage secret information table. Then, the usage secretinformation table, the encrypted work data and work information whichspecifies author ID representing the author's name, work ID representingthe name of the work, and the ticket issuer, etc. are combined togenerate a capsular work having such a structure as that illustrated inFIG. 11 (step A5).

Furthermore, the usage conditions which have been set thus aretranslated into formal descriptions in an access control language asshown in FIGS. 12(a) and 12(b) (step A6). In the descriptions written inthe access control language, the available usages are declared inrelation to each of the objects contained in a work, and the usageconditions are declared in relation to each usage. The ticket keys Ruare embedded in the declarations relating to the usages. Morespecifically, an ID which specifies an object is presented, andthereafter a character string which represents a usage is presented.Next, condition descriptions specifying a variety of usage conditionsand parameters destined to the condition descriptions are listed andthereafter a ticket key is presented. Here, the “objects” indicatefundamental structural elements such as images and text.

In the case of setting more detailed usages such as “view in amonochrome display mode” and “view in a full-color display mode”, etc.under the above-described circumstances, objects to be displayed inmonochrome and objects to be displayed in full color, for example, maybe prepared. When utilizing a specific function through the audiovisualapparatus 4, a ticket issuing request may be made in relation to anobject suitable for the specific function.

Furthermore, in the case of organizing objects into a tree structurecomprising a combination of fundamental structural elements and thewhole work formed thereof, for example, the usage conditions which havebeen set to a higher-level object can be declared as those common to alllower-level objects belonging to the aforementioned higher-level object.According to the usage conditions in that case, an ID specifying theaforementioned higher-level object is presented, and thereafter an IDspecifying any child object which descends directly from theaforementioned higher-level object is presented. Next, a characterstring which represents a usage is presented, and then a combination ofa condition description and any parameters destined thereto is recitedas in the previously mentioned case. However, the declaration of ticketkeys for the lowest-level object or objects does not apply tohigher-level objects.

For example, let it be assumed that there is a work having structuralelements 1 to 7, and the structural relationship between those elementsis as shown in FIG. 13(a). In this case, the usage conditiondescriptions are as shown in FIG. 13(b).

In the case where the usage condition descriptions in such a form areinterpreted by the ticket server apparatus 2, each object basicallyinherits the usage conditions declared in relation to any ascendantobject thereof. However, in the case where a certain usage condition ispresented for a higher-level object and a similar usage condition ispresented for any descendant object thereof, the descendant objectadopts the condition presented for itself.

Giving the example shown in FIGS. 13(a) and 13(b):

-   (1) the condition “the displayable resolution is 640×480 or lower”    has been set to the whole work;-   (2) the condition “the charge to be made per view is 1 dollar” has    been set to the structural elements 3, 4 and 5; and-   (3) the condition “the charge to be made per view is 5 dollars” has    been set to the structural element 6.

In that case, the charge for use of the structural element 6 is 5dollars, and the displayable resolution of the structural element 6 is640×480 or lower.

Furthermore, in the example shown in FIGS. 13(a) and 13(b):

-   (4) the condition “the displayable resolution is 800×600 or less”    has been set to the structural element 7.

Consequently, as seen from (1), (2) and (4), the charge to be made foruse of the structural element 7 is 1 dollar, and the displayableresolution of the structural element 7 is 800×600 or less.

The usage condition descriptions thus generated are registered in theticket server apparatus 2 through the registration interface section 16(step A7). Meanwhile, the capsular work is registered in thedistribution center apparatus 3 through the registration interfacesection 16 (step A8).

Next the process carried out by step B shown in FIG. 3 will be explainedin more detail with reference to FIG. 5.

The user accesses the distribution center apparatus 3 through theaudiovisual apparatus 4 and acquires a catalog of works therefrom (stepB1). At that time, an index screen such as that illustrated in FIG. 14,for example, is displayed on the user output section 42.

The user selects the desired work on the index screen (step B2). Theindex screen may have a link which has been set thereon so that the usercan select the desired work on any other screen linked with the indexscreen. The audiovisual apparatus 4 sends a request for the selectedwork to the distribution center apparatus 3.

Having received the request from the audiovisual apparatus 4, thedistribution center apparatus 3 acquires the capsular work which meetsthe request from the capsular work storing section 32, and transmits theacquired capsular work to the audiovisual apparatus 4 through thedistribution interface section 33.

Having received the capsular work from the distribution center apparatus3 through the capsular work interface section 46, the audiovisualapparatus 4 stores the received work in the capsular work storingsection 47 (step B3).

Next, the process carried out by step C shown in FIG. 3 will beexplained in more detail with reference to FIG. 6.

The user firstly makes a request for use of the capsular work stored instep B3 in the capsular work storing section 47 (step C1).

In order that the reproducing processing section 43 of the audiovisualapparatus 4 can perform the processing of practicing the usagedesignated by the user in relation to the capsular work stored in thecapsular work storing section 47, the decapsulating section 48 dividesthe stored capsular work into work information, the usage secretinformation table and the encrypted work data. Having divided thecapsular work as above, the decapsulating section 48 checks whether therequired ticket has already been acquired or not. If the ticket hasalready been acquired, then the decapsulating section 48 decrypts theencrypted work data with the ticket. On the other hand, if the tickethas not yet been acquired, then the decapsulating section 48 makes areference to the ticket issuer specified by the work information, andrequests a ticket for the usage from the ticket issuer, i.e., the ticketserver apparatus 2, through the ticket interface section 44 (step C2).

The request for the ticket contains information such as “author ID”,“work ID”, “requesting user ID”, etc., specifying the work to be usedand a usage thereof, and information such as “requesting date”, forauthenticating the dealing of the ticket, and the display performances,etc. such as the resolution and maximum number of colors of the useroutput section 42.

The ticket server apparatus 2, which has received the request from theaudiovisual apparatus 4, makes a reference to the usage conditionsstored in the usage condition storing section 22 in association with therequested target work (step C3).

Then, in the ticket server apparatus 2, the usage conditiondiscriminating section 23 interprets the usage conditions and determineswhether to issue a ticket for the usage in reply to the request sentfrom the audiovisual apparatus 4 (step C4).

For example, in the case where a “ticket issuable user ID list” showingthe IDs of users for which tickets can be issued lists the user ID whichis contained in the request, the usage condition discriminating section23 determines to issue a ticket. On the other hand, in the case where itdoes not list the user ID which is contained in the request, the usagecondition discriminating section 23 determines to issue no ticket. Whenthe usage condition discriminating section 23 determines to issue noticket, the ticket server apparatus 2 informs the audiovisual apparatus4 that the issue of a ticket is not permitted (step C5′). Then, theaudiovisual apparatus 4 informs the user, through the user outputsection 42, that the issue of a ticket is not permitted (step C6′). Inthis case, the user cannot practice the usage of the work.

In the case where the usage condition discriminating section 23determines to issue a ticket, the ticket generating section 24 makes areference to the block corresponding to the designated usage recited inthe usage condition descriptions, and acquires a ticket key from thatblock. Then, the ticket generating section 24 generates a ticket whichmeets the request (step C5). This ticket contains information such as“work ID”, “user ID”, “ticket serial number”, “ticket key”, “permittedusage”, “issue date” and “validity term” as shown in FIG. 15, forexample.

The ticket encrypting section 25 encrypts the generated ticket so thatonly the audiovisual apparatus 4 on the part of the user can decrypt it.Then, the distribution interface section 26 transmits the encryptedticket to the audiovisual apparatus 4 (step C6). In this case, it ispreferred that the ticket be encrypted adopting a public key encryptionsystem. However, a session key which differs depending on request may begenerated in accordance with a Diffie-Hellman key protocol, and theticket may be encrypted adopting the common key cryptographic system.

In the audiovisual apparatus 4, the ticket interface section 44 receivesthe ticket, decrypts the ticket with either a user's secret key or theaforementioned session key, and stores the decrypted ticket in theticket storing section 45 (step C7).

The decapsulating section 48 refers to the ticket for the usage and apredetermined block (e.g. a “view” block) of the usage secretinformation table (step C8), and extracts ticket key Ru and usage secretinformation E [Ru] (R) from the ticket and the block, respectively (stepC9). Then, in the decapsulating section 48, the decrypting subsection481 restores decryption key R for the work by decrypting usage secretinformation E [Ru] (R) with ticket key Ru (step C10).

Thereafter, in the decapsulating section 48, the decrypting subsection481 decrypts the encrypted work data with the decryption key R, therebyrestoring the work data (step C11).

Next, the process carried out by step D will be explained.

The reproducing processing section 43 has a nonvolatile memory in whichthe work data as encrypted by the prior step is temporarily stored. Thereproducing processing section 43 also processes the work data, whilecarrying on a dialog with the user through the user input section 41 andthe user output section 42.

According to the first embodiment, as described above, the encryptedwork and the usage secret information, etc. are encapsulated togetherand distributed over a network such as the Internet. The usage secretinformation is not a decryption key itself of the encrypted work data,and a ticket is necessary to attain the decryption key. Therefore, thecapsular work can be copied freely and can be exchanged between anyusers, without necessarily asking the distribution center apparatus 3.This leads to an improvement in a work distribution speed and theenlargement of a distribution area. Moreover, since tickets aregenerated each for one of the plural usages, the ticket price is lowerthan in the case where tickets are generated each for some usages, whichcontributes toward the promotion of the use of works.

Second Embodiment

Referring now to FIG. 16, a work distribution system according to thesecond embodiment of the present invention differs from that of thefirst embodiment in the point that the work distribution system of thesecond embodiment includes a first audiovisual apparatus 5, in additionto the apparatuses illustrated in FIG. 1. The work distribution systemof the second embodiment further differs from that of the firstembodiment in the point that the encapsulating processing section 15,included in an editing apparatus 6 of the work distribution system ofthe second embodiment, has a key dividing subsection 654 in addition tothe structure of the encapsulating processing section 15 included in theediting apparatus 1 of the first embodiment. Moreover, a secondaudiovisual apparatus 7 of the second embodiment differs from theaudiovisual apparatus 4 of the first embodiment in the point that thedecapsulating section 48, included in the second audiovisual apparatus 7of the second embodiment, has a key combining subsection 782 in additionto the structure of the decapsulating section 48 included in theaudiovisual apparatus 4 of the first embodiment.

The first audiovisual apparatus 5 has basically the same structure asthe audiovisual apparatus 4 of the first embodiment shown in FIG. 1,except that the first audiovisual apparatus 5 is capable of transmittingthe work data decrypted by the decapsulating section 48 to the editingprocessing section 14 of the editing apparatus 6, in accordance with aninstruction from the user input section 41.

In the case of creating, with the encapsulating processing section 15, asecondary capsular utilizing the work data which has been attained byreediting, through the editing processing section 14, the first capsularwork acquired from the first audiovisual apparatus 5, the key dividingsubsection 654 of the editing apparatus 6 generates a second ticket keyfor the secondary capsular work, based on the first ticket key for thefirst capsular work and a predetermined key (original ticket key)acquired from the random number generating subsection 153.

In order to make use of the secondary capsular work, the key combiningsubsection 782 of the second audiovisual apparatus 7 restores theoriginal ticket key from the first and second ticket keys.

In the work distribution system of the second embodiment, the firstaudiovisual apparatus 5 and the editing apparatus 6 are connected toeach other via a network such as the Internet. Furthermore, the firstaudiovisual apparatus 5 and the second audiovisual apparatus 7 areconnected respectively to the ticket server apparatus 2 and thedistribution center apparatus 3 through the network such as theInternet.

The operations performed in the second embodiment will now be described.

Firstly, the whole operation flow of the second embodiment will bebriefly explained with reference to FIG. 17.

A primary author creates a first capsular work in the same manner as inthe case of the first embodiment (step A).

A secondary author acquires the first work through the first audiovisualapparatus 5, as in the case of the first embodiment (step B1). Then, thesecondary author inputs a reediting request to the first audiovisualapparatus 5. The first audiovisual apparatus 5, to which the request hasbeen input by the secondary author, requests a predetermined reeditingticket from the ticket server apparatus 2, as in the case of theaudiovisual apparatus 4 of the first embodiment.

The ticket server apparatus 2, which has received the request for thereediting ticket, discriminates the usage conditions in reediting, andtransmits the reediting ticket to the first audiovisual apparatus 5 whenthe ticket server apparatus 2 determines to allow the secondary user toperform reediting. The secondary author thus acquires the reeditingticket (step C). Furthermore, the secondary author edits the work datawith the editing apparatus 6, and registers the edited work data in thedistribution center apparatus 3. Moreover, with the editing apparatus 6,the secondary author also sets usage conditions for usages of thesecondary work, and registers those usage conditions in the ticketserver 2 (step A′).

Next, a user acquires the second capsular work through the secondaudiovisual apparatus 7 (step B2). Furthermore, the user makes a requestfor use of the second capsular work, acquires a ticket for the work, andstores the ticket in the audiovisual apparatus 7 (step C). Thereproducing processing section 43 reproduces the work data in the samemanner as in the case of the first embodiment (step D).

The process carried out by step A′ shown in FIG. 17 will now beexplained in more detail with reference to FIG. 18.

As well as the audiovisual apparatus 4 of the first embodiment, thefirst audiovisual apparatus 5 which has received the reediting ticketdecrypts the first work data by using the reediting ticket, andtransmits the first work data to the editing apparatus 6. Thereafter,the secondary author reedits the work data with the editing processingsection 14 of the editing apparatus 6, thereby creating the second workdata (step A′1).

With the usage condition setting section 13, the secondary author setsthe usage conditions to the secondary work data in the same manner as inthe case of the first embodiment (a step A′2). Utilizing the encryptingsubsection 151 and the random number generating subsection 153, theediting apparatus 6 encrypts the secondary work data (a step A′3).

Thereafter, in association with one of the plural usages for which theusage conditions have been set, the editing apparatus 6 acquires firstticket T1 for the first capsular work from the ticket server 2, and thenacquires second ticket T2 in the following manner:

Firstly, random number R which the ticket key generating subsection 152needs in order to generate second ticket T2, is generated by the randomnumber generating subsection 153 (step A′4-1). This random number willhereinafter be referred to as the original ticket key.

Then, using original ticket key R and first ticket key K1 for firstticket T1, the key dividing subsection 654 derives ticket key K2 forsecond ticket T2 from Equation 1 (step A4-2). This procedure isschematically shown in FIG. 20.K 2=f(K 1, R)  (Equation 1)

Function ‘f’ shown above satisfies both of following Equations 2 and 3simultaneously:|f(a, b)|˜|a|˜|b|  (Equation 2)

-   -   (“|x|” represents the bit number of a positive integer x, while        “˜” indicates “approximately equal to”.)        f(b1, b2)=f(b2, b1)  (Equation 3)

Furthermore, function f is such a function that there are inversefunctions “inv” which satisfy following Equations 4 and 5 in the case ofa=f(b1, b2).b2=finv(b1, a)=finv(a, b1)  (Equation 4)b1=finv(a, b2)=finv(b2, a)  (Equation 5)

Equation 6 shows a specific example of function f.f(a, b)=aXORb  (Equation 6)

-   -   (XOR represents an exclusive disjunction.)

In this case, f is equal to finv.

The usage secret information for each usage is generated after thegeneration of the second ticket key. More specifically, the encryptingsection 151 effects encryption adopting decryption key K of theencrypted work data and original ticket key R, thereby obtaining theusage secret information for each usage (step A′4-3).

The second ticket keys generated in the above-described manner areembedded in the usage descriptions, as in the case of the firstembodiment (step A′5), and is registered in the ticket server apparatus2 (step A′6).

Meanwhile, as in the case of the first embodiment, the usage secretinformation table is generated based on the usage secret information.Furthermore, a list of ticket issuers including not only the issuer ofthe second ticket, but also the issuer of the first ticket, isgenerated. The usage secret information table, the work information suchas the list of ticket issuers, and the encrypted work data are combinedto generate the second capsular work having such a structure as thatshown in FIG. 21 (step A′7). The second capsular work as generated isregistered in the distribution center apparatus 3 (step A′8).

Next, the process carried out by step C′ shown in FIG. 17 will beexplained in more detail with reference to FIG. 18.

The user makes a request for practicing desired usage of the secondcapsular work (step C′1). The second audiovisual apparatus 7 determinesthe required ticket with reference to the list of ticket issuerscontained in the work information relating to the work (step C′2).

Firstly, the ticket interface section 44 requests the second ticket fromthe ticket server apparatus 2 (step C′3).

The ticket server apparatus 2, which has received the request for thesecond ticket, determines whether the usage requested by the secondaudiovisual apparatus 7 matches the usage conditions set to the secondwork, and transmits the second ticket key to the second audiovisualapparatus 7 when the usage requested by the second audiovisual apparatus7 matches the usage conditions set to the second work (step C′4).

Next, the second audiovisual apparatus 7 similarly requests the firstticket from the ticket server apparatus 2 (step C′5). The ticket serverapparatus 2 performs determination based on the usage conditions, andthen transmits the first ticket (step C′6).

In order to decrypt the capsular work containing the work data, thedecapsulating section 48 of the audiovisual apparatus 7 causes the keycombining section 782 to extract first ticket key K1 and second ticketkey K2 from the first and second tickets, and carries out calculationusing Equation 7 (step C′7).R′=finv(K 1 , K 2)  (Equation 7)

In this case, original ticket key R satisfies Equation 8)R′=R  (Equation 8)

Then, the decrypting subsection 481 restores decryption key K of theencrypted work data, using R′ and a piece of usage secret informationwhich corresponds to the usage, among pieces of usage secret informationcontained in the usage secret information table (step C′8).

Thereafter, the decrypting section 481 decrypts the second work data,using decryption key K and the encrypted work data (step C′9).

In to the second embodiment, since the tickets for the primary andsecondary works are required at the same time in order to make use ofthe secondary work, the copyright protection of the secondary work isstrengthened accordingly. Moreover, because the number of times thedecryption is performed is only once, the lowering of the throughput ofthe reproducing process can be minimized also in the case of decryptinglarge-sized encrypted work data.

Third Embodiment

Referring now to FIG. 22, a work distribution system according to thethird embodiment of the present invention differs from that of the firstembodiment shown in FIG. 1 in the point that an editing apparatus 8,included in the work distribution system of the third embodiment, has acharging module editing section 87 and a charging module storing section88 in addition to the structure of the editing apparatus 1 included inthe work distribution system of the first embodiment. The workdistribution system of the third embodiment further differs from that ofthe first embodiment in the point that an audiovisual apparatus 9,included in the work distribution system of the third embodiment, has acharging processing section 98 and a charging module storing section 99.The work distribution system of the third embodiment also differs fromthat of the first embodiment in that the work distribution system of thethird embodiment has an electronic wallet apparatus 101 and an accountsettling server apparatus 111 in addition to the structure of the workdistribution system according to the first embodiment shown in FIG. 1.

The charging module editing section 87 complies the source code of acharging module and generates an object code.

The charging module storing section 88 stores the object code of thecharging module which has been generated by the charging module editingsection 87.

The charging processing section 98 has an execution queue managementsubsection 981 and a charging module executing subsection 982, andexecutes a charging module stored in the charging module storing section99.

The charging module storing section 99 stores charging modulesencapsulated in a capsular work.

In the electronic wallet apparatus 101, a record for the charged amountgenerated by the audiovisual apparatus 9 is recorded as money to bepaid, and regularly communicates with the account settling serverapparatus 111 in order to perform account settling processing.

The account settling server apparatus 111 transmits account settlinginformation to a predetermined financial agent through communicationswith the electronic wallet apparatus 101, and performs appropriateprocessing for depositing money into an account of a seller or anauthor.

In the work distribution system illustrated in FIG. 22, the electronicwallet apparatus 101 and the audiovisual apparatus 9 can be realized onthe same computer machine. In that case, the electronic wallet apparatus101 may have also the function of the account settling server apparatus111.

The operations performed in the third embodiment will now be described.

Firstly, the whole operation flow of the third embodiment will beexplained with reference to FIG. 23.

As in the case of the first embodiment, an author edits work data,registers the edited work data and sets usage conditions for usages ofthe work data. Furthermore, according to the third embodiment, theauthor also sets the charging method and the charged amount (step A″).

Next, a user acquires capsulated work through the capsular workinterface section 46 of the audiovisual apparatus 9 (step B′1). Afterthe acquisition, the capsular work interface section 46 extractscharging modules from the capsular work, and stores the extractedcharging modules in the charging module storing section 99. The capsularwork, from which the charging modules have been extracted, is stored inthe capsular work storing section 47 (step B′2).

The user makes a request for use of the work. The audiovisual apparatus9 acquires a ticket for the work from the ticket server apparatus 2, andstores the ticket in the ticket storing section 45. Furthermore, theaudiovisual apparatus 9 of the third embodiment also executes chargingprocessing with respect to the capsular work (step C″). The reproducingprocessing section 43 reproduces the work data as in the case of thefirst embodiment, thus enabling the user to make use of the work data(step D).

Next, the process carried out by step A″ shown in FIG. 23 will beexplained in more detail, with reference to FIG. 24.

As in the case of the first embodiment, the author creates the work datawith the editing apparatus 8 (step A″1). Then, the author sets the usageconditions for each usage through the usage condition setting section13. In this case, in order to set the charging method and the chargedamount in addition to the usage conditions, unlike in the case of thefirst embodiment, the author selects any appropriate charging moduleamong those stored in the charging module storing section 88. If thereis no appropriate charging module, then the user can create a new modulethrough the charging module editing section 87 and can use it.Thereafter, the author sets the charged amount and details of parametersto be adopted in the charging method. The contents which have been setby the author are converted to arguments to be applied to the chargingmodules (step A″2).

Following the above, the encapsulating processing section 15 encryptsthe work data (step A″3). Then, based on the charging modules set to therespective usages in the above-described manner, the encapsulatingprocessing section 15 creates a charging module archive which containsthe execution forms (load modules) of the respective charging modules(step A″4). Then, the encapsulating processing section 15 creates aticket key and usage secret information in the same manner as theencapsulating processing section 15 of the first embodiment (step A″5),generates a capsular work structured as shown in FIG. 26 and containingthe encrypted work data, the usage secret information table, other workinformation and the charging module archive (step A″6), and registersthe capsular work in the distribution center apparatus 3 (step A″7).

Meanwhile, as well as ticket keys, the names of the charging modules andtheir corresponding arguments are embedded in the usage conditiondescriptions (step A″8), and registered in the ticket server apparatus 2through the registration interface section 16 (step A″9).

Next, the process carried out by step C″ shown in FIG. 23 will beexplained in detail.

The audiovisual apparatus 9 determines whether the required ticket hasalready been acquired before use of the capsular work (step C″1). In thecase where the required ticket has not yet been acquired, theaudiovisual apparatus 9 acquires the ticket from the ticket serverapparatus 2 as in the case of the audiovisual apparatus 4 of the firstembodiment, and then stores the ticket (steps C″2 to C″7). In the casewhere the ticket has already been acquired, the audiovisual apparatus 9performs processing for restoring the work data from the stored ticket.

The ticket in that case contains charging information stored in itscharging information field, in addition to various data (the work ID,the author ID, etc.) contained in the ticket of the first embodiment.The charging information includes the name of a charging module and adescription concerning an argument such as the charge amount which isapplied to the charging module (FIG. 27).

Using the ticket, the encapsulating processing section 48 of theaudiovisual apparatus 9 divides the capsular work into plural data, asin the case of the audiovisual apparatus 4 of the first embodiment (stepC′8).

Thereafter, the audiovisual apparatus 9 refers to the charginginformation field of the ticket, and sends the charging information tothe charging processing section 98. The charging processing section 98records the charging information in the execution queue managementsubsection 981 (step C″9). The execution queue management subsection 981retains the charging information in the form of a table showing theticket serial number, the charging module name, the charged amount andan argument to be applied to any other charging module. This table willhereinafter be referred to as the execution queue.

Subsequent to the above, the charging processing section 98 extracts thecharging module corresponding to the ticket registered in the executionqueue through the charging module storing section 99, and causes thecharging module executing subsection 982 to execute the charging modulein order to carry out the charging processing (step C″10).

The charging module is a program which describes the charging method.The charging module can describe, as the charging method, a chargingsystem such as a lump payment system in which a use can be repeatedlymade according to the same usage by paying the charged amount designatedat the time of use, or a pay-per-view system in which a predeterminedcharged amount needs to be paid each time a use is made. Furthermore, inthe audiovisual apparatus 9, basic methods such as those shown in FIG.29 have been prescribed so that the charging processing can be performedin response to a predetermined call. Procedures for driving theindividual elements of the audiovisual apparatus 9 have also beenpredefined as built-in methods. By calling one built-in method withinthe charging module, processing such as passing the charge informationto the electronic wallet apparatus 110 can be conducted. Furthermore,any user-defined methods defined by authors, etc. can also be adopted.

In the definitions of the basic methods, various charging processing canbe performed by combining the built-in methods and any user-definedmethods in various ways and calling combinations thereof (FIGS. 30(a)and 30(b)).

A specific example of the charging processing carried out by thecharging module will now be described. The charging module involves thebasic method “charge( )”. The charging module executing subsection 982is programmed so as to execute the charging processing by calling themethod “charge( )” and passing arguments (the charged amount, thecorresponding ticket and any other information), regardless of themodule type. The called method “charge( )” informs the electronic walletapparatus 101 of the charged amount and information concerning the moneydeposition destination, etc. received as the arguments. The electronicwallet apparatus 101 retains the received information as the chargedamount information, communicates with the account settling serverapparatus 111 at predetermined time intervals (e.g. a day), and carriesout account settling processing for depositing the charged amount intothe designated deposition destination.

The basic method “expire( )” is called when needed. By executing themethod “expire( )”, the charging module is deleted from the executionqueue. In the case where the method “disable_ticket( )” is called, thecorresponding ticket is invalidated. Hereafter the invalidated ticket isnot handled as a normal ticket at the time of use of a work. On theother hand, in the case where the method “transmitToWallet( )” iscalled, the amount specified by one argument is recorded in theelectronic wallet apparatus 9 as the amount to be paid.

According to a specific example of the charging module, the method“charge( )” is called first, whereby the methods “expire( )” and“disable_ticket( )” are called, under which condition a charge is madeby what is called the pay-per-view system. In the case where only themethod “expire( )” is called as a result when the method “charge” beingcalled first, a conventional purchasing system is realized (in which theprice for a goods is paid at the time the goods is received). In thecase where the method “charge( )” is called employing the purchasingdate and the usability term as the arguments and when the methods“expire( )” and “disable_ticket( )” are called on the day after theexpiration of the usability term starting on the purchasing date, acharging system with a time limit like that in the case of a videorental is realized.

In the third embodiment, by employing an appropriate charging module, anappropriate charging method can be flexibly selected depending on theintentions of an author and a seller as to the distribution or dependingon the characters of a work. Furthermore, the third embodiment has agood affinity for a preexisting account settling mechanism, since thecharging processing and the account settling processing can be performedby two stages and a conventional electronic account settling system suchas SET can be adopted in communications between the electronic walletapparatus 100 and the account settling server 101.

Modifications of the Embodiments

The present invention is not limited to the above-described embodiments,and various modifications and applications are possible. Modificationsof the above-described embodiments which are applicable to the presentinvention will now be described.

In the first embodiment, the capsular work generated by the editingapparatus 1 can be written in a nonvolatile memory such as a writablecompact disk, without registering the capsular work in the distributioncenter apparatus 3 through the registration interface section 16.Whether to record the capsular work in the nonvolatile memory isdetermined by an author. In the case of acquiring the capsular workthrough the audiovisual apparatus 4 under the above circumstances, thenonvolatile memory is obtained and access is gained to the nonvolatilememory in the capsular work storing section 44, instead of gainingaccess to the distribution center apparatus 3. Under those conditions,physical distribution can be achieved by placing such nonvolatilememories in shops, which is advantageous when the size of the work datais considerably large and therefore can hardly be distributed across anetwork.

In the second embodiment, the key dividing subsection 654 of the editingapparatus 6 is also capable of generating, based on ticket key K1 of theprimary author, ticket key K2 of the secondary author which serves as akey divisional function, in accordance with the common key cryptographicsystem using original ticket key R as a key. In this case, the keycombining subsection 782 of the second audiovisual apparatus 7 restoresR from K1 in accordance with the common key cryptographic system usingticket key K2 as a key. However, the ticket key of the nth work (n>2)cannot be generated through the key division in accordance with thecommon key cryptographic system as explained previously.

The use of key divisional function f enables the ticket keys of such antertiary n^(th) work et seq. to be generated. In this case, the editingapparatus 6 acquires ticket keys K1 to Kn−1 of the primary to (n−1)^(th)authors and generates original ticket key R. Then, using key divisionalfunction f, the key dividing subsection 654 calculates Equation 9.Kn=f(K 1 , K 2, . . . , Kn−1, R)  (Equation 9)

The key combining section 782 of the second audiovisual apparatus 7calculates following Equation 10 as explained previously, therebyrestoring original ticket key R.R=finv(K 1 , K 2 , . . . , Kn−1, Kn)  (Equation 10)

In this case, the order in which the ticket keys K1 to Kn−1 of theprimary to (n−1)^(th) authors are acquired is arbitrary.

In the first to third embodiments described above, a symmetricencryption system in which a common key is used for encryption anddecryption is adopted to generate ticket keys. However, an asymmetricencryption system in which different keys are used for encryption anddecryption can also be adopted to generate ticket keys.

In the first to third embodiments explained above, the editingapparatuses 1, 6, 8, the ticket server apparatus 2 and the distributioncenter apparatus 3 are realized on different computer machines, and areconnected to each other via a network. However, all or given two ofthose apparatuses may be realized on the same computer machine.

The editing apparatuses 1, 6, 8, the ticket server apparatus 2, thedistribution center apparatus 3, the audiovisual apparatuses 4, 5, 7 and9 of the first to third embodiments can be attained by distributingcomputer usable storage mediums such as CD-ROMs or floppy diskscontaining programs stored therein for realizing the functions of therespective apparatuses.

According to the present invention, as explained above, the distributedcapsular work does not contain the decryption key of its work data.Therefore, the work data can be distributed freely. In the case ofallowing a user to make use of the work data, a ticket encryption key isdistributed to him/her. This enhances the work distribution area andpromotes the use of the work data.

Furthermore, ticket keys (encryption keys and decryption keys) whichdiffer depending on the usage conditions for usages of the work data canbe generated. This enables the work data to be used on the usageconditions set so that the intentions of an author and a seller arereflected as regards the use of a work.

Moreover, by generating the secondary work data and setting thesecondary work data as the distribution target, the second work data canbe distributed in the same manner as the primary work data. Thispromotes the work authoring activities. In order to make use of thesecondary work, a ticket decryption key of the original work data onwhich the secondary work bases is also required. Thus, the copyrightowned by the primary author is protected satisfactorily.

Furthermore, by generating the charging modules for the respective usageconditions and performing the charging processing in accordance with anyappropriate charging module, an appropriate charging method can beflexibly selected depending on the intentions of an author and a selleror depending on the characters of a work.

This application is based on Japanese Patent Application No. H10-213789filed Jul. 29, 1998, and including specification, claims, drawings andsummary. The disclosure of the above Japanese Patent Application isincorporated herein by reference in its entirety.

1. A digital work distribution system for distributing digital works toa user computer, comprising first and second computers which areconnected to each other and to the user computer via a network and eachof which has a memory and a central processing unit, wherein said firstcomputer executes a program to perform: setting conditions for pluralusages of work data to be distributed; encrypting said work data with apredetermined encryption key; generating different ticket encryptionkeys and their corresponding ticket decryption keys, each of said ticketencryption keys and its corresponding one of said ticket decryption keysbeing associated with conditions for one usage among the set conditionsfor the plural usages; encrypting a predetermined decryption keycorresponding to said predetermined encryption key, by using each ofsaid ticket encryption keys generated each in association with theconditions for one of the plural usages; and encapsulating said workdata and said predetermined decryption key encrypted using each of saidticket encryption keys generated each in association with the conditionsfor one of the plural usages, and generating a capsular work whichcontains said work data and said predetermined decryption key; and saidsecond computer executes a program to perform: storing, in associationwith each other, the conditions for the plural usages which have beenset by said first computer and said ticket decryption keys correspondingto said ticket encryption keys generated each in association with theconditions for one of the plural usages and used to encrypt saidpredetermined decryption key; encrypting, in reply to an externalrequest for use of said work data received over the network from a usercomputer, a ticket decryption key which is associated with theconditions for one usage corresponding to the request among the storedticket decryption keys; distributing the encrypted ticket decryption keyto a requester at the user computer who has made the request for use ofsaid work data; a third computer which is connected to the network andwhich has a memory and a processor, wherein said third computer performsacquiring said capsular work generated by said first computer; acquiringa ticket decryption key corresponding to a ticket encryption keyassociated with the conditions for a desired one of the plural usagesand contained in the acquired capsular work; decrypting, with theacquired ticket decryption key, the encrypted decryption key containedin said capsular work; decrypting said work data contained in saidcapsular work by using the decrypted decryption key; and reproducing thedecrypted work data; and wherein said first computer further performsgenerating charging modules to effect processing of making a charge forthe work data to be distributed, each of said charging modules beingassociated with the conditions for one of the plural usages; and furtherencapsulating, in said capsular work, said charging modules generatedeach in association with the conditions for one of the plural usages;and said second computer further performs storing pieces of chargingmodule identification information for identifying said charging modules,in association with the conditions for the plural usages, anddistributing, to the requester who has made the request for use of saidwork data, a piece of charging module identification informationassociated with the conditions for one usage corresponding to therequest among the stored pieces of charging module identification; andsaid third computer further performs extracting said charging modulescontained in the acquired capsular work and storing the extractedcharging modules; and executing the processing of making a charge forsaid work data by employing one of the stored charging modules inaccordance with the piece of charging module identification informationtransmitted in reply to the request for use of said work data.
 2. Thedigital work distribution system according to claim 1, wherein saidpredetermined encryption key and said predetermined decryption keycorresponding thereto are an identical key adopting a commoncryptographic system.
 3. The digital work distribution system accordingto claim 2, wherein a common cryptographic key which is a random numberis used for encryption and decryption of said capsular work.
 4. Adigital work distribution system for distributing digital works to auser computer, comprising first and second computers which are connectedto each other and to the user computer via a network and each of whichhas a memory and a central processing unit, wherein said first computerexecutes a program to perform: setting conditions for plural usages ofwork data to be distributed; encrypting said work data with apredetermined encryption key; generating different ticket encryptionkeys and their corresponding ticket decryption keys, each of said ticketencryption keys and its corresponding one of said ticket decryption keysbeing associated with conditions for one usage among the set conditionsfor the plural usages; encrypting a predetermined decryption keycorresponding to said predetermined encryption key, by using each ofsaid ticket encryption keys generated each in association with theconditions for one of the plural usages; and encapsulating said workdata and said predetermined decryption key encrypted using each of saidticket encryption keys generated each in association with the conditionsfor one of the plural usages, and generating a capsular work whichcontains said work data and said predetermined decryption key; and saidsecond computer executes a program to perform: storing, in associationwith each other, the conditions for the plural usages which have beenset by said first computer and said ticket decryption keys correspondingto said ticket encryption keys generated each in association with theconditions for one of the plural usages and used to encrypt saidpredetermined decryption key; encrypting, in reply to an externalrequest for use of said work data received over the network from a usercomputer, a ticket decryption key which is associated with theconditions for one usage corresponding to the request among the storedticket decryption keys; and distributing the encrypted ticket decryptionkey to a requester at the user computer who has made the request for useof said work data; wherein said first computer further performs:generating secondary work data to be distributed, based on the work datacontained in said capsular work; setting conditions for plural usages ofsaid secondary work data to be distributed; encrypting said secondarywork data with a predetermined encryption key; generating differentoriginal ticket keys each in association with the conditions for one ofthe plural usages of said secondary work data; encrypting apredetermined decryption key corresponding to said predeterminedencryption key of said secondary work data, by using each of saidoriginal ticket keys generated each in association with the conditionsfor one of the plural usages of said secondary work data; encapsulatingsaid secondary work data and said predetermined decryption key encryptedusing each of said original ticket keys generated each in associationwith the conditions for one of the plural usages of said secondary workdata, and generating a capsular work which contains said secondary workdata and said predetermined decryption key; and generating other ticketdecryption keys, based on said original ticket keys and said ticketdecryption keys of said work data on which said secondary work databases; and said second computer further performs: storing the conditionsfor the plural usages of said secondary work and said other ticketdecryption keys in association with each other and transmitting, inreply to an external request for use of said secondary work data, one ofsaid other ticket decryption keys which is associated with theconditions for one usage corresponding to the request, to a requesterwho has made the request for use of said secondary work.
 5. The digitalwork distribution system according to claim 4, further comprising athird computer which is connected to the network and which has a memoryand a processor, wherein said third computer performs: storing thecapsular work generated by said first computer; and distributing thestored capsular work.
 6. The digital work distribution system accordingto claim 4, wherein each of said ticket encryption keys and itscorresponding one of said ticket decryption keys are an identical keyadopting a common cryptographic system.
 7. The digital work distributionsystem according to claim 4, wherein said first computer furtherperforms: generating charging modules to effect processing of making acharge for the work data to be distributed, each of said chargingmodules being associated with the conditions for one of the pluralusages; further encapsulating, in said capsular work, said chargingmodules generated each in association with the conditions for one of theplural usages; and said second computer further performs: storing piecesof charging module identification for identifying said charging modules,in association with the conditions for the plural usages.
 8. A digitalwork reproduction apparatus for reproducing digital works, comprising aninput section, an output section, a memory which stores a predeterminedprogram, and a central processing unit, wherein said central processingunit executes the predetermined program, stored in said memory, forperforming: acquiring a capsular work in which work data encrypted witha predetermined encryption key, and a predetermined decryption keyencrypted with each of different ticket encryption keys associated eachwith conditions for one of plural usages of said work data, areencapsulated; acquiring a ticket decryption key corresponding to aticket encryption key associated with the conditions for a desired oneof the plural usages and contained in the acquired capsular work;decrypting, with the acquired ticket decryption key, the encryptedpredetermined decryption key contained in said capsular work;decrypting, with the decrypted predetermined decryption key, said workdata contained in said capsular work; and reproducing the decrypted workdata, wherein charging modules to effect processing of making a chargefor said work data are further encapsulated in said capsular work; andthe central processing unit performs acquiring a piece of chargingmodule identification information which is associated with theconditions for the desired one of the plural usages, among pieces ofcharging module identification information for identifying said chargingmodules; extracting said charging modules contained in the acquiredcapsular work and storing the extracted charging modules; and executingthe processing of making a charge for said work data by employing one ofthe stored charging modules in accordance with the acquired piece ofcharging module identification information.
 9. A digital workdistribution method for distributing digital works between at least onehost computer source and a requester computer communicating via anetwork, comprising: with at least one host computer source connected toa network setting conditions for plural usages of work data to bedistributed; encrypting said work data with a predetermined encryptionkey; generating different ticket encryption keys and their correspondingticket decryption keys, each of said ticket encryption keys and itscorresponding one of said ticket decryption keys being associated withthe set conditions for one of the plural usages; encrypting apredetermined decryption key corresponding to said predeterminedencryption key, by using each of said ticket encryption keys generatedeach in association with the conditions for one of the plural usages;encapsulating said work data and said predetermined decryption keyencrypted using each of said ticket encryption keys associated each withthe conditions for one of the plural usages, and generating a capsularwork which contains said work data and said predetermined decryptionkey; storing, in association with each other, the set conditions for theplural usages and said ticket decryption keys corresponding to saidticket encryption keys generated each in association with the conditionsfor one of the plural usages and used to encrypt said predetermineddecryption key; encrypting, in reply to an external request for use ofsaid work data received over the network from a requester computer, aticket decryption key which is associated with the conditions for oneusage corresponding to the request among the stored ticket decryptionkeys; and distributing the encrypted ticket decryption key to therequester computer who has made the request for use of said work data;generating secondary work data to be distributed, based on the work datacontained in said capsular work; setting conditions for plural usages ofsaid secondary work data to be distributed; encrypting said secondarywork data with a predetermined encryption key; generating differentoriginal ticket keys each in association with the conditions for one ofthe plural usages of said secondary work data; encrypting apredetermined decryption key corresponding to said predeterminedencryption key of said secondary work data, by using each of saidoriginal ticket keys generated each in association with the conditionsfor one of the plural usages of said secondary work data; encapsulatingsaid secondary work data and said predetermined decryption key encryptedusing each of said original ticket keys generated each in associationwith the conditions for one of the plural usages, and generating acapsular work which contains said secondary work data and saidpredetermined decryption key; generating other ticket decryption keys,based on said original ticket keys and said ticket decryption keys ofsaid work data on which said secondary work data bases; and storing theconditions for the plural usages of said secondary work and said otherticket decryption keys in association with each other and transmitting,in reply to an external request for use of said secondary work data, oneof said other ticket decryption keys which is associated with theconditions for one usage corresponding to the request, to a requesterwho has made the request for use of said secondary work.
 10. A digitalwork distribution method for distributing digital works between at leastone host computer source and a requester computer communicating via anetwork, comprising: with at least one host computer source connected toa network setting conditions for plural usages of work data to bedistributed; encrypting said work data with a predetermined encryptionkey; generating different ticket encryption keys and their correspondingticket decryption keys, each of said ticket encryption keys and itscorresponding one of said ticket decryption keys being associated withthe set conditions for one of the plural usages; encrypting apredetermined decryption key corresponding to said predeterminedencryption key, by using each of said ticket encryption keys generatedeach in association with the conditions for one of the plural usages;encapsulating said work data and said predetermined decryption keyencrypted using each of said ticket encryption keys associated each withthe conditions for one of the plural usages, and generating a capsularwork which contains said work data and said predetermined decryptionkey; storing, in association with each other, the set conditions for theplural usages and said ticket decryption keys corresponding to saidticket encryption keys generated each in association with the conditionsfor one of the plural usages and used to encrypt said predetermineddecryption key; encrypting, in reply to an external request for use ofsaid work data received over the network from a requester computer, aticket decryption key which is associated with the conditions for oneusage corresponding to the request among the stored ticket decryptionkeys; distributing the encrypted ticket decryption key to the requestercomputer who has made the request for use of said work data; generatingcharging modules to effect processing of making a charge for the workdata to be distributed, each of said charging modules being associatedwith the conditions for one of the plural usages; further encapsulating,in said capsular work, said charging modules generated each inassociation with the conditions for one of the plural usages; andstoring pieces of charging module identification information foridentifying said charging modules, in association with the conditionsfor the plural usages.
 11. A computer program product, including acomputer usable medium having a computer readable program embodiedtherein for executing: setting conditions for plural usages of work datato be distributed; encrypting said work data with a predeterminedencryption key; generating different ticket encryption keys and theircorresponding ticket decryption keys, each of said ticket encryptionkeys and its corresponding one of said ticket decryption keys beingassociated with the set conditions for one of the plural usages;encrypting a predetermined decryption key corresponding to saidpredetermined encryption key, by using each of said ticket encryptionkeys generated each in association with the conditions for one of theplural usages; encapsulating said work data and said predetermineddecryption key encrypted using each of said ticket encryption keysgenerated each in association with the conditions for one of the pluralusages, and generating a capsular work which contains said work data andsaid predetermined decryption key; generating secondary work data to bedistributed, based on the work data contained in said capsular work;setting conditions for plural usages of said secondary work data to bedistributed; encrypting said secondary work data with a predeterminedencryption key; generating different original ticket keys each inassociation with the conditions for one of the plural usages of saidsecondary work data; encrypting a predetermined decryption keycorresponding to said predetermined encryption key of said secondarywork data, by using each of said original ticket keys generated each inassociation with the conditions for one of the plural usages of saidsecondary work data; encapsulating said secondary work data and saidpredetermined decryption key encrypted using each of said originalticket keys generated each in association with the conditions for one ofthe plural usages of said secondary work data, and generating a capsularwork which contains said secondary work data and said predetermineddecryption key; and generating other ticket decryption keys, based onsaid original ticket keys and said ticket decryption keys of said workdata on which said secondary work data bases.
 12. The computer programproduct according to claim 11, wherein said program further executes:generating charging modules to effect processing of making a charge forthe work data to be distributed, each of said charging modules beingassociated with the conditions for one of the plural usages; and furtherencapsulating, in said capsular work, said charging modules generatedeach in association with the conditions for one of the plural usages.13. A computer program signal embodied in a carrier wave comprising: ausage condition setting segment which sets conditions for plural usagesof work data to be distributed; a work encrypting segment which encryptssaid work data with a predetermined encryption key; a ticket keygenerating segment which generates different ticket encryption keys andtheir corresponding ticket decryption keys, each of said ticketencryption keys and its corresponding one of said ticket decryption keysbeing associated with conditions for one usage among the conditions forthe plural usages which have been set by said usage condition settingsegment; a decryption key encrypting segment which encrypts apredetermined decryption key corresponding to said predeterminedencryption key, by using each of said ticket encryption keys generatedeach in association with the conditions for one of the plural usages; anencapsulating segment which encapsulates said work data and saidpredetermined decryption key encrypted using each of said ticketencryption keys generated each in association with the conditions forone of the plural usages, and which generates a capsular work containingsaid work data and said predetermined decryption key; a secondary workdata generating segment which generates secondary work data to bedistributed, based on the work data contained in said capsular workgenerated by said encapsulating segment; a usage condition settingsegment which sets conditions for plural usages of said secondary workdata to be distributed; a secondary work encrypting segment whichencrypts said secondary work data with a predetermined encryption key;an original ticket key generating segment which generates differentoriginal ticket keys each in association with the conditions for one ofthe plural usages of said secondary work data; a decryption keyencrypting segment which encrypts a predetermined decryption keycorresponding to said predetermined encryption key, by using each ofsaid original ticket keys generated each in association with theconditions for one of the plural usages of said secondary work data; anencapsulating segment which encapsulates said secondary work data andsaid predetermined decryption key encrypted using each of said originalticket keys generated each in association with the conditions for one ofthe plural usages of said secondary work data, and which generates acapsular work containing said secondary work data and said predetermineddecryption key; and a ticket decryption key generating segment whichgenerates other ticket decryption keys, based on said original ticketkeys and the ticket decryption keys of said work data on which saidsecondary work data bases.
 14. A digital work distribution system fordistributing digital works, comprising first, second and third computerswhich are connected to each other via a network and each of which has amemory and a central processing unit, wherein said first computerexecutes a program to perform setting conditions for plural usages ofwork data to be distributed; encrypting said work data with apredetermined encryption key; generating different ticket encryptionkeys and their corresponding ticket decryption keys, each of said ticketencryption keys and its corresponding one of said ticket decryption keysbeing associated with conditions for one usage among the set conditionsfor the plural usages; encrypting a predetermined decryption keycorresponding to said predetermined encryption key, by using each ofsaid ticket encryption keys generated each in association with theconditions for one of the plural usages; and encapsulating said workdata and said predetermined decryption key encrypted using each of saidticket encryption keys generated each in association with the conditionsfor one of the plural usages, and generating a capsular work whichcontains said work data and said predetermined decryption key; saidsecond computer executes a program to perform storing, in associationwith each other, the conditions for the plural usages which have beenset by said first computer and said ticket decryption keys correspondingto said ticket encryption keys generated each in association with theconditions for one of the plural usages and used to encrypt saidpredetermined decryption key; encrypting, in reply to an externalrequest for use of said work data, a ticket decryption key which isassociated with the conditions for one usage corresponding to therequest among the stored ticket decryption keys; and distributing theencrypted ticket decryption key to a requester who has made the requestfor use of said work data; and said third computer executes a program toperform storing, at the third computer, the capsular work generated bysaid first computer; and distributing the stored capsular work.
 15. Thedigital work distribution system according to claim 14, wherein, saidpredetermined encryption key and said predetermined decryption keycorresponding thereto are an identical key adopting a commoncryptographic system and a common cryptographic key which is a randomnumber is used for encryption and decryption of said capsular work. 16.The digital work distribution system according to claim 14, wherein saidfirst computer further performs: generating secondary work data to bedistributed, based on the work data contained in said capsular work;setting conditions for plural usages of said secondary work data to bedistributed; encrypting said secondary work data with a predeterminedencryption key; generating different original ticket keys each inassociation with the conditions for one of the plural usages of saidsecondary work data; encrypting a predetermined decryption keycorresponding to said predetermined encryption key of said secondarywork data, by using each of said original ticket keys generated each inassociation with the conditions for one of the plural usages of saidsecondary work data; encapsulating said secondary work data and saidpredetermined decryption key encrypted using each of said originalticket keys generated each in association with the conditions for one ofthe plural usages of said secondary work data, and generating a capsularwork which contains said secondary work data and said predetermineddecryption key; and generating other ticket decryption keys, based onsaid original ticket keys and said ticket decryption keys of said workdata on which said secondary work data bases; and said second computerfurther performs: storing the conditions for the plural usages of saidsecondary work and said other ticket decryption keys in association witheach other and transmitting, in reply to an external request for use ofsaid secondary work data, one of said other ticket decryption keys whichis associated with the conditions for one usage corresponding to therequest, to a requester who has made the request for use of saidsecondary work.
 17. The digital work distribution system according toclaim 14, wherein said first computer further performs: generatingcharging modules to effect processing of making a charge for the workdata to be distributed, each of said charging modules being associatedwith the conditions for one of the plural usages; further encapsulating,in said capsular work, said charging modules generated each inassociation with the conditions for one of the plural usages; and saidsecond computer further performs: storing pieces of charging moduleidentification for identifying said charging modules, in associationwith the conditions for the plural usages.